CareFirst says data breach affects about 1.1M people

NEW YORK – Health insurer CareFirst BlueCross BlueShield says hackers gained access to a database that included the names of 1.1 million people.

The Maryland-based company says the breach happened in June 2014. It says the attackers got into a database that included the names, usernames, birth dates, email addresses and subscriber ID numbers of about 1.1 million current and former members and people who did business with CareFirst.

The company says the attackers did not get access to members' passwords because those are encrypted and stored in a separate system. They also didn't get access to Social Security numbers, medical claims, or credit cards.

Hackers in December or January broke into a database belonging to health insurer Anthem that held information for about 80 million people, including names, employment details and Social Security numbers.